Cybersecurity

Orange Belgium mega-breach exposes 850K customers to serious fraud

Everything a criminal needs for targeted attacks exposed, but telco insists 'no critical data compromised' A significant data theft at Orange Belgium has opened hundreds of thousands of its customers to serious cybersecurity risks.…

US cops wrap up RapperBot, one of world’s biggest DDoS-for-hire rackets

Feds say Mirai-spawned botnet blasted 370K attacks before AWS and pals helped yank its servers RapperBot, a botnet-for-hire blamed for hundreds of thousands of DDoS attacks, has been yanked offline by the Feds, who also hauled in its alleged Oregon-based mastermind.…

Apple rushes out fix for active zero-day in iOS and macOS

Another 'extremely sophisticated' exploit chewing at Cupertino's walled garden Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.…

Colt changes tune, admits data theft as Warlock gang begins auction

Worried about your data? No probs, says firm, we'll check the dark web crims' list for you! Yes really A week after its services were disrupted by a cyberattack, UK telco Colt Technology Services has gone back on its initial statement to confirm that data has indeed been…

Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

Researcher claims extension didn't start out by exfiltrating info... while dev says its actions are 'compliant' Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently appears to have begun snaffling screenshots of users' page activity and…

Commvault releases patches for two nasty bug chains after exploits proven

Researchers disclosing their findings said 'it's as bad as it sounds' Researchers at watchTowr just published working proof-of-concept exploits for two unauthenticated remote code execution bug chains in backup giant Commvault.…

‘Limited’ data leak at Aussie telco turns out to be 280K customer details

iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.…

McDonald’s not lovin’ it when hacker exposes nuggets of rotten security

Burger slinger gets a McRibbing, reacts by firing staffer who helped A white-hat hacker has discovered a series of critical flaws in McDonald's staff and partner portals that allowed anyone to order free food online, get admin rights to the burger slinger's marketing materials, and could allow an…

Don’t want drive-by Ollama attackers snooping on your local chats? Patch now

Reconfigure local app settings via a 'simple' POST request A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people's personal computers, spy on their local chats, and even control the models the victim's app…

Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in

Intruders hoped no one would notice their presence Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux servers.…

Copyright © 2026 Lugapel